'RLD INTELLECTUAL PROPERTY ORGANIZATIOl 
International Bureau 




PCX 

INTERNATIONAL APPUCATION PUBUSHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(51) International Patent Classification ^ : 
G06F 1/00, H04Q 7738, H04L 9/32 



Al 



(11) International Publication Number: WO 97/31306 

(43) International Publication Date: 28 August 1997 (28.08.97) 



(21) International Application Number: PCT/FI97/00067 

(22) International Filing Date: 6 February 1997 (06.02.97) 



(30) Priority Data: 

960820 



23 February 1996 (23.02.96) 



FI 



(71) Applicant {for all designated States except US): NOKIA 

MOBILE PHONES LTD. [FI/FIJ; PI 86. FIN.24101 Sale 
(Fl). 

(72) Inventors; and 

(75) Inventors/Applicants (for US only): SORMUNEN, Toni 
(Flynj; Artturintie 6, FIN-33880 Saaksjarvi (FI). KURKI, 
Tecmu (FI/FI); Lahtomacnkatu 3 G 102. FIN-33580 
Tampere (FI). 

(74) Agents: PURSIAINEN, Timo et al.; Tampereen Patcntti- 
toimisto Oy, Henniankatu 6, FIN>33720 Tampere (FI). 



(81) Designated States: AL. AM. AT, AU. AZ, BA, BB, BG. BR, 
BY. CA, CH, CN, CU, CZ, DE, DK, EE. ES, FI, GB, GE, 
HU, IL, IS. JP, KE, KG, KP, KR, KZ, LC. LK. LR, LS. 
LT, LU, LV. MD, MG, MK, MN, MW. MX. NO. NZ, PL, 
PT, RO, RU, SD. SB. SG. SI, SK, TJ, TM, TR, TT. UA, 
UG, US. UZ, VN, YU, ARIPO patent (KE. LS. MW. SD. 
SZ. UG), Eurasian patent (AM. AZ. BY. KG. KZ, MD. RU. 
TJ, TM), European patent (AT, BE. CH. DE, DK, ES. FI. 
FR. GB. GR, IE. FT. LU. MC, NL. PT. SE), OAPI patent 
(BF, BJ. CF. CG, CI. CM. GA. GN, ML. MR. NE. SN. TD. 
TG). 



Published 

With international search report. 

Before the expiration of the time limit for amending the 
claims and to be republished in the event of the receipt of 
amendments. 



(54) Titie: METHOD FOR OBTAINING AT LEAST ONE ITEM OF USER AUTHENTICATION DATA 





(57) Abstract 

A method for obtaining at least one item of user specific data, wherein the user specific data is obtained at least partly by using 
paging or a short message service. 



^est Available Copv 



. <WQ 9731306A1 I > 




FOR THE PURPOSES OF INFORMATION ONLY 



Codes used to identify States paity to the PCT on the front pages of pamphlets publishing international 
applications under the PCT. 



AM 


Annenia 


GB 


United Kingdom 


MW 


Malawi 


AT 


Austria 


GE 


Georgia 


MX 


Mexico 


AU 


Australia 


GN 


Guinea 


NE 


Niger 


BB 


Baiiisdos 


GR 


Greece 


NL 


Netherlands 


BE 


Belgium 


HU 


Hungaiy 


NO 


Norway 


BF 


Burkina Faso 


IE 


Ireland 


NZ 


New Zealand 


BG 


Bulgaria 


IT 


Kafy 


PL 


Poland 


BJ 


Beoiii 


JP 


Japan 


PT 


Portugal 


BR 


Brazil 


KE 


Kenya 


RO 


Romania 


BY 


Belarus 


KG 


Kyrgyttan 


RU 


Russian Federation 


CA 


Canada 


KP 


Democratic Pieople*s Republic 


SO 


Sudan 


CF 


Central Afncaa Republic 




of Korea 


SE 


Sweden 


CG 


Congo 


KR 


Republic of Korea 


SG 


Singapore 


CH 


Switzerland 


KZ 


Kazakhstan 


SI 


Sk>venia 


CI 


Cdte d' I voire 


U 


Uecfatenstein 


SK 


Sk>vakta 


CM 


Cameroon 


LK 


Sri Lanka 


SN 


Senegal 


CN 


China 


LR 


Liberia 


sz 


Swaziland 


CS 


Czechoslovakia 


LT 


Lithuania 


TD 


Chad 


cz 


Czech Republic 


LU 


Luxembourg 


TG 


Togo 


DE 


Germany 


LV 


Latvia 


TJ 


Tajikistan 


DK 


Denmaric 


MC 


Monaco 


TT 


Trinidad and Tobago 


EE 


Estonia 


MD 


Republic of MoMova 


UA 


Ukraine 


E5 


Spain 


MG 


Madagascar 


UG 


Uganda 


FI 


Poiland 


ML 


Mali 


US 


United States of America 


FR 


Fiance 


MN 


Mongolia 


uz 


Uzbekistan 


OA 


Gabon 


MR 


Maucitaota 


VN 


Viet Nam 



BNSDOCID: <WO 9731306A1J_> 



wo 97/31306 



PCT/FI97/00067 



Method for obtaining at least one item of user authentication data 

The invention relates to a method and Sfystem for obtaining at least one 
item of user specific authentication data, such as a password and/or a 
5 user name. 

Information services refer in this specification chiefly to electronic infor- 
mation services which can be used by a data processor or the like. For 
using an information service, a data transmission connection is formed 

10 from the data processor to the information service, which is for example 
an application in the computer of the information service provider. The 
data transmission connection can be formed for example by using a 
telecommunication network or a mobile communication network. Upon 
using an Information service, usually user specific authentication data is 

15 required, for example a user name and password, which are given with 
a data processor at the stage when the connection to the Information 
service is formed. The user name and the password enable the infor- 
mation service provider to control the user using the information 
service, wherein also invoicing can be directed to the users appropri- 

20 ately for example according to usage time. A further object of the user 
name and the password is to prevent unauthorized use of the informa- 
tion service. 

A wide range of services is available for example via the Internet net- 
25 work. Via the network it is possible to make orders and to scan data- 
bases and articles. In addition, many banks offer their customers the 
possibility to pay bills and enquire account transactions using a data 
processor at home or eyen at work. 

30 A user name is user specific and it is usually not changed in different 
connection set-ups. Passwords, on the other hand, can be divided into 
three main types: 

1. One single password valid as long as the user is a regis- 

35 tered subscriber to the service. A password of this type is 

used mainly in services with less need for security. 
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2. A list of single-connection passwords, each valid for only 
one connection. For the first connection, the first password 
is used, for the second connection, the second password is 
used, etc., as long as all the passwords in the list are used. 

5 Subsequently, a new set of passwords has to be ordered 

before the service can be further used. In some services a 
new list is sent within a short notice before the last pass- 
word in the list is used in order to PDinimize the possible 
intenruption at the list change. Passwords of this type are 
10 commonly used with information services provided espe- 

cially by banks. 

3. A periodical password valid for a predefined period of time. 
This type of password may be used within the period 

15 determined for the password regardless of how many times 

the connection is made. The validity period may be for 
example a month or a year, after which the password is to 
be changed into a new one. 



20 Especially when using passwords of the type 2.. the problem is that the 
list has to be kept safe and account of the last used password has to be 
kept in one way or another. Thus the possibility of abuse is great, 
especially if the list and the user name are preserved in the same 
place. 

25 

Regardless of which password type is used, it is the user of the service 
who is to a great extent responsible for data security, and the service 
provider has few possibilities to prevent and control abuse for example 
in case the password falls into the wrong hands. 

30 

When a new user starts using the information service, the user has to 
register to the information service provider. This may be done for 
example by a written subscription request, in which the user gives his or 
her personal data and other information required, most often by mail, 
35 electronic mail (e-mail) or facsimile. In due course, the new user is sent 
a user name and a password or a list of passwords. These are sent 
most commonly by mail. In some cases the information may also be 
sent by facsimile, but In this case it is more likely that the user name 
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and the password fall Into the wrong hands. Also electronic mail may be 
used for informing a user name and a password. However, especially 
the Internet network is an open network in which the communicated 
data is in unenciphered form. Furthermore, unauthorized persons can 
5 easily read information transferred via the Internet. 

In some cases, the user is mailed the information that the user specific 
authentication data may be dispatched from a post office or bank. In 
this case the identity of the user can still be checked when the authenti- 
10 cation data is despatched. 

Figure 1 shows a flow diagram of a commonly used method for obtain- 
ing user specific authentication data. The person (block 101) who wants 
to become a user of an information service, sends a subscription 

16 request (block 102) to the information service provider (block 103). The 
Information service provider sends a subscription form to the user 
(block 104). Having filled in the form (block 105), the user sends it back 
to the service provider for example by facsimile or by mail (block 106). 
The information service provider subsequently handles the form and 

20 allots the user the user specific authentication data and sends it for 
instance by mail, electronic mail or facsimile (block 107). Having 
received the user specific authentication data, the user can start using 
the information service (block 1 08). 

25 For example in the Internet network, some information service provid- 
ers use a method for registering a new user, whereby the person who 
intends to become a user, forms a data transmission connection to the 
Internet address of the service provider. Thus in the display unit of a 
data processor a subscription form is produced, in which the user may 

30 fill in his or her personal data by using the keyboard of the data proc- 
essor. Information to be filled in include e.g. forename, sumame, a pro- 
posal for user name and password. After the information has been filled 
in. the data is saved to be processed in the computer of the service 
provider. The information service provider handles the information and, 

35 when accepting a new user, forms a record or the like for the user, in 
which the data of the new user is saved. After accepting the new user, 
the Information service provider sends the infomiation of this to the 
Internet address of the user. Next, the new user may form a connection 
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to the Information service. In this method the user may In other words 
inform the desired password, in which case the Information service 
provider does not send the password with a return message. Also this 
method includes for example the disadvantage that the user specific 
5 authentication data in connection to the subscription request is trans- 
mitted via a data network, whereby it Is possible that the password and 
the user name fall Into the wrong hands. 

The interval between the potential user has sent a subscription request 
10 and receives the user specific authentication data Is a few days, even 
weeks. A somewhat shorter delay is reached in situations in which the 
subscription request can be made via a data processor by contacting 
the computer of the sen/ice provider. Even in cases like this, the han- 
dling of the subscription data takes some time, possibly a few days, 
15 which means that the using of the service can not be initiated before 
this. 

An object of the present Invention Is to eliminate the disadvantages 
disclosed above and to establish a method wherein transmission of 

20 user specific authentication data from the service provider to the user of 
the service can be performed as fast and as safely as possible. The 
invention is based on the idea that user specific authentication data is 
transmitted to the user by using, at least partly, a paging system or a 
short message service. The method according to the invention is char- 

25 acterized in what will be mentioned in the characterizing part of the 
appended claim 1. The system according to the Invention is character- 
ized in what will be mentioned in the characterizing part of the 
appended claim 13. 

30 The present invention can be applied especially in such telecommuni- 
cation systems in which it is possible to transmit short messages to a 
terminal belonging to the telecommunication system on the basis of a 
terminal key, sudi as a telephone number. This quality Is included in 
mobile communication systems. In publication TSK 19 "Matkaviestin- 

35 sanasto" by Tekniikan sanastokeskus (Finnish Center for Technical 
Vocabulary) a mobile communication system is defined as a telecom- 
munication system composed of a mobile communication network and 
mobile stations. Mobile communication systems include for example a 
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cellular system, a paging system and a mobile phone system. A cellular 
system, such as the GSM system, is a mobile communication system in 
which a cellular network is used. A paging system is a one-way mobile 
communication system intended for paging. A mobile phone system is 
5 a two-way mobile communication system primarily intended for speech 
transmission. It is advantageous to apply the present system in mobile 
communication systems which include short message service (SMS) or 
paging. 

10 The present invention provides considerable advantages over methods 
of prior art. The method according to the present invention enables very 
fast subscription, whereby the using of the service may be initiated 
almost immediately after a subscription request has been sent, be- 
cause transmission of user information is conducted in enciphered, 

15 electronic form and the receiver can be recognized in order to prevent 
abuse. A further advantage of the fast data transmission is that the 
validity of passwords can be shortened remaricably and security may 
thus be improved. 

20 The invention will be described in more detail below with reference to 
the appended figures, in which 

Fig. 1 shows a block diagram of a method in transmitting a user 
name and passwords according to prior art, 

25 

Fig. 2 shows a method for transmitting a user name and pass- 
words according to a preferred embodiment of the invention. 
and 

30 Fig. 3 shows an alternative embodiment of the invention for 
transmitting a user name and passwords. 

According to a preferred embodiment of the invention illustrated in 
Fig. 2 a two-way questionnaire of user specific authentication data 
35 exhibits only those blocks essential in application of the method. For 
obtaining the password or the list of passwords required for using a 
service 1 , the user of the service sends a short message 2 from a 
paging terminal 3, such as a mobile station. The short message 2 
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includes a password request and possibly also a subscription request 
for a new user. With the short message from the paging terminal 3, 
authentication data of the sender is sent to a paging service center 4. 
The form of the data depends on the type of the message system used. 
5 For example the GSM system allows sending short messages, wherein 
a GSM mobile station can be used in implementation of the method 
according to the invention. The short messages are transmitted in 
enciphered form, whereby it is almost impossible for outsiders to 
decipher the content of the short messages. In formation of a short 

10 message for example a keyboard of a mobile station may be used or 
the message can also be supplied from the keyboard of a data proces- 
sor coupled to a mobile station. Further, the message can l>e sent by 
forming a data transmission connection to the internet network, to the 
so-called WWW (Wortd Wide Web) page of the infomiation service 

15 provider, and giving the user authentication data as well as the number 
of the mobile station, to which the authentication data Is transmitted 
preferably in a short message. Thus the mobile station is not needed in 
the data inquiry phase. 

20 The paging service center 4 processes the incoming message and 
forms according to it a data transmission connection to a password 
server 5 and transmits the inquiry to it. The password server 5 proc- 
esses the message and forms a reply message containing one or more 
passwords and the user name in case a new user is registered. The 

25 formation of the reply message can be automatic or it can require proc- 
essing of the information in one way or another, before a password and 
a possible user name can be admitted. A more detailed processing of 
this phase depends on the service provider and it is not significant in 
view of applying the present invention; consequently a more detailed 

30 description of the subject is herein unnecessary. 

The paging service center 4 is for example in the GSM system advanta- 
geously a short message service center. 

35 The password server 5 transmits the password and/or the user name to 
the short message service center 4. which forms according to the data 
a reply message 6, which is sent to the paging terminal 3 preferably in 
enciphered form. The short message service center 4 for example 
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attends to that the short message is sent to the correct paging terminal 
3. Herein it is possible to utilize the Information in the connection of the 
message received by the short message service center 4 from the 
paging terminal 3. The reply message 6 arrived to the paging terminal 3 
5 can be shown to the user for example by the display means 7 of a 
mobile station used as a paging terminal. The user may subsequently 
start using the service 1 . 

In order to be identified the user forms by a data processor 8 a data 
10 transmission connection to a verification service 9 of the service 1. 
After the user has given his or her user name and the valid password, 
the verification service 9 transmits the given data to the service 1, 
which sends a check request 1 1 of the user name and the password to 
the password server 5. The password server 5 examines the data and 
15 communicates in a reply message 12 to the service 1 whether the user 
name and the password are given correctly. If the data is correct, the 
user has a data transmission connection from the data processor 8 to 
the service 1 . in case the user name or the password are given incor- 
rectly, the password server 5 communicates this to the service 1, 
20 wherein the use of the service 1 is prevented. Furthermore, the pass- 
word server 5 can give a report to the service provider, which is capa- 
ble of using this information when controlling possible abuse attempts 
of the service 1 . 

25 The data processor 8 can have a data transmission connection to the 
mobile station 3. Thus the subscription request can be formed in the 
application software of the data processor 8, for example in a terminal 
program. The application software of the mobile station 3 forms a short 
message 2 on the basis of the subscription data given through the 

30 application software of the data processor. In a corresponding manner, 
the reply message 6 is processed In the application software of the 
mobile station and transmitted to the data processor 8, whereby the 
user is given his or her user-specific authentication data for using the 
information service. The use of the information service can then be 

35 started immediately by forming a data transmission connection with the 
service 1, as described above. The data transmission connection is 
formed advantageously through a mobile station. An advantage of this 
method is for example the fact that subscription as a user of the infor- 
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mation service can be performed anywhere within the receiving area of 
the mobiie communication network in which the mobile station 3 is con- 
nected. 

5 The data transmission connection for using the information service from 
the data processor 8 can be formed also as a modem connection to a 
wireline telecommunication network, which is known as such. 

The service block 1. the password server block 5 and the verification 
10 service block 9 shown in the block diagram of Fig. 2, can be placed for 
example in the mainframe of the service provider or the like, or they can 
be separate data processors between which data transmission connec- 
tions are formed. 

15 The data transmission connection 13 between the short message serv- 
ice center 4 and the password server 5 can be for example a direct 
connection by using ISDN/LAN (Integrated Services Digital Network / 
Local Area Network) or a conresponding connection. Also this is prior 
art known as such. Transmission of short messages between the pag- 

20 ing terminal 3 and the short message service center 4 is made prefer- 
ably at least partly in a wireless manner, for example by using a mobile 
communication network. 

Fig. 3 shows a reduced block diagram of another advantageous em- 
25 bodiment according to the present invention. The difference to the em- 
bodiment of Fig. 2 lies primarily in the fact that a paging terminal which 
is only capable of receiving messages can also be used as the paging 
terminal 3. In such a case, a subscription request is formed by a data 
processor 8 and transmitted to a verification service 9. The verification 
30 service 9 transmits the received message further to a password server 
5. A reply mer -^ige 6 is formed principally as described in connection 
with Fig. 2. As e paging terminal 3 in this embodiment, for example a 
paging device or the like may be used, whereby the method of trans- 
mitting the reply message to the paging device depends for example on 
35 the paging system used. 

In the embodiment of Fig. 3, the paging service center 4 is for example 
a paging network controller or a wireless messaging switch. 
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Methods have been developed for transmitting paging messages in 
connection with radio broadcasting so that they do not interfere with 
receiving the broadcasting. Thus the paging device includes a receiver 
5 which separates from the Incoming broadcasting the paging information 
coded In It and examines whether the transmission is intended to the 
user of this particular paging device, wherein the paging device forms a 
signal from the message to the display means 10. The user may con- 
sequently form a connection to the service 1 in a corresponding manner 
10 as presented in the above description in connection with the em- 
bodiment of Fig. 2. 

Another possible application of the present invention is that the user 
makes a call by using a telecommunication terminal, such as a tele- 

16 phone, to the telephone exchange of the information sen/ice provider, 
wherein the user can give the subscription data for example by dictating 
or tapping the telephone keys. Yet another alternative for sending the 
subscription request is electronic mail, which is known as such, wherein 
the data is given to the data processor in the electronic mail application 

20 used and transmitted via a telecommunication network or a mobile 
communication network to the electronic mail address of the informa- 
tion service provider. The transmission of the user specific authentica- 
tion data to the user is performed by using paging or short message 
service as presented in connection with the previous embodiments. 

25 

Further, the present invention can be applied also for obtaining a per- 
sonal identity number (PIN) of bank and credit cards and corresponding 
charge cards. Thus when the charge card is being ordered, the number 
of the orderer's paging device or mobile station can be given, wherein 

30 the supplier of the charge card transmits the personal identity number 
connected to the charge card to the paging device or the mobile station 
of the user. Thus it is not necessary to send the identity number by 
post, which decreases the possibility that the identity number falls into 
the wrong hands. In a corresponding manner, the method according to 

35 the invention can be used for requesting a new personal identity num- 
ber for a charge card which is already in use, wherein the identity num- 
ber is transmitted to the paging device or the mobile station of the user. 
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This may be necessary for example in situations when it is suspected 
that the identity number has fallen into the wrong hands. 

The present invention is not restricted solely to the embodiments pre- 
5 sented above, but it can be varied within the scope of the appended 
claims. 
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Claims : 

1 . A method for obtaining at least one item of user specific authentica- 
tion data, characterized in that the user specific authentication data is 

5 obtained at least partly by using paging or a short message service. 

2. A method according to claim 1 , wherein the user specific authentica- 
tion data Is used for forming a connection to an information service (1), 
which method comprises of sending (102) of a request for transmission 

10 of the user specific authentication data from the user to the information 
service provider, and receiving (107) of the user specific authentication 
data sent by the information service provider, characterized In that 
the user specific authentication data is sent as a short message (6) 
which is received by the paging terminal (3) of the user. 

15 

3. A method according to claim 2, characterized in that the request 
for transmitting the user specific authentication data is sent as a short 
message (2). 

20 4. A method according to claim 2, characterized in that the request 
for transmitting the user specific authentication data is sent by a method 
known as such. 

5. A method according to claim 4, characterized In that the request 
25 for transmitting the user specific authentication data Is made by making 

a call by a telecommunication terminal, such as a telephone, to the 
telephone exchange of the information service provider, wherein the 

request can be made either by dictating or In preferably by_ voicerfre-- 

quency signals formed by touching the telephone keys. 

30 

6. A method according to claim 1. wherein the user specific authentica- 
tion data is used in forming a connection to the information service (1), 
which method comprises sending (102) of a subscription request from 
the user to the information service provider, wherein the subscription 

35 request comprises one or more items of user specific authentication 
data, and receiving (107) of the subscription data sent by the informa- 
tion service provider, characterized in that the user specific authenti- 
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cation data is sent to the infomnation service provider as a short mes- 
sage (2). 

7. A method according to claim 3 or 6, characterized in that a short 
5 message (2) is sent by the paging terminal (3) of the user. 

8. A method according to claim 1 , wherein the user specific authentica- 
tion data is used in forming a connection to an information service (1), 
which method comprises sending (102) a subscription request from the 

10 user to the information service provider, wherein the subscription 
request comprises one or more items of user specific data, and receiv- 
ing (107) of the subscription data sent by the Information service 
provider, characterized in that the request for subscription of user 
specific authentication data is made by making a call by a telecommu- 

15 nication terminal, such as a telephone, to the telephone exchange of 
the information service provider, wherein the request can be transmitted 
either by dictating or preferably by using voice-frequency signals 
formed by touching the telephone keys. 

20 9. A method according to claim 1 . wherein the user specific authentica- 
tion data is used to form a connection to the information service (1). 
which method comprises sending (102) a subscription request from the 
user to the information service provider, wherein the subscription re- 
quest comprises one or more items of user specific authentication data, 

25 and receiving (107) of the subscription data sent by the information 
service provider, characterized in that the subscription request is 
transmitted by using electronic mail, which is known as such. 

10. A method according to any of claims 2. 3, 6 or 7, characterized in 
30 that the paging temninal (3) of the user is a mobile station. 

11 . A method according to claim 10, characterized in that the mobile 
station is a cellular system mobile station, such as a GSM mobile sta- 
tion. 

35 

12. A method according to claim 10, characterized in that the mobile 
station of the user is a paging device, such as a long distance paging 
device. 
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13. A system for obtaining at least one item of user specific authentica- 
tion data, characterized in that the system comprises means (3, 4) for 
obtaining user specific authentication data by using at least partly pag- 
ing or a short message service. 

14. A system according to claim 13, characterized in that the means 
(3, 4) for obtaining user specific authentication data comprise a paging 
terminal (3). 

15. A system according to claim 14, characterized in that the paging 
terminal (3) is a mobile station. 

16. A system according to claim 15, characterized in that the mobile 
station is a cellular system mobile station, such as a GSM mobile sta- 
tion. 

17. A system according to claim 15, characterized in that the mobile 
station is a paging device, such as a long distance paging device. 
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